init.rc revision adf0d1bbfa4bc560c2106f14afa8258a11c48bf6
1# Copyright (C) 2012 The Android Open Source Project
2#
3# IMPORTANT: Do not create world writable files or directories.
4# This is a common source of Android security bugs.
5#
6
7import /init.environ.rc
8import /init.usb.rc
9import /init.${ro.hardware}.rc
10import /init.${ro.zygote}.rc
11import /init.trace.rc
12
# early-init is the first action defined in this file: it shields init from the
# OOM killer, relabels /adb_keys, starts ueventd and creates /mnt.
13on early-init
14    # Set init and its forked children's oom_adj.
    # -1000 is the lowest oom_score_adj value, which exempts the process from
    # OOM-killer selection.
15    write /proc/1/oom_score_adj -1000
16
17    # Set the security context of /adb_keys if present.
18    restorecon /adb_keys
19
20    start ueventd
21
22    # create mountpoints
    # 0775 root:system: writable by owner and group, read/search only for others.
23    mkdir /mnt 0775 root system
24
# init action: creates compatibility symlinks, cgroup and tmpfs mount points and
# storage directories, then applies kernel sysctl and /proc//sys permission settings.
25on init
26    sysclktz 0
27
28    # Backward compatibility.
29    symlink /system/etc /etc
30    symlink /sys/kernel/debug /d
31
32    # Link /vendor to /system/vendor for devices without a vendor partition.
33    symlink /system/vendor /vendor
34
35    # Create cgroup mount point for cpu accounting
36    mkdir /acct
37    mount cgroup none /acct cpuacct
38    mkdir /acct/uid
39
40    # Create cgroup mount point for memory
    # The tmpfs root is 0750 root:gid 1000 (the system group), so only root and
    # group system can traverse it.
41    mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000
42    mkdir /sys/fs/cgroup/memory 0750 root system
43    mount cgroup none /sys/fs/cgroup/memory memory
44    write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1
45    chown root system /sys/fs/cgroup/memory/tasks
46    chmod 0660 /sys/fs/cgroup/memory/tasks
47    mkdir /sys/fs/cgroup/memory/sw 0750 root system
48    write /sys/fs/cgroup/memory/sw/memory.swappiness 100
49    write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1
50    chown root system /sys/fs/cgroup/memory/sw/tasks
51    chmod 0660 /sys/fs/cgroup/memory/sw/tasks
52
53    mkdir /system
54    mkdir /data 0771 system system
55    mkdir /cache 0770 system cache
56    mkdir /config 0500 root root
57
58    # See storage config details at http://source.android.com/tech/storage/
59    mkdir /mnt/shell 0700 shell shell
60    mkdir /mnt/media_rw 0700 media_rw media_rw
61    mkdir /storage 0751 root sdcard_r
62
63    # Directory for putting things only root should see.
64    mkdir /mnt/secure 0700 root root
65
66    # Directory for staging bindmounts
67    mkdir /mnt/secure/staging 0700 root root
68
69    # Directory-target for where the secure container
70    # imagefile directory will be bind-mounted
71    mkdir /mnt/secure/asec  0700 root root
72
73    # Secure container public mount points.
    # The tmpfs mounted on top is mode 0755, so the visible directory is
    # world-readable even though the underlying mkdir is 0700.
74    mkdir /mnt/asec  0700 root system
75    mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
76
77    # Filesystem image public mount points.
78    mkdir /mnt/obb 0700 root system
79    mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
80
81    # memory control cgroup
82    mkdir /dev/memcg 0700 root system
83    mount cgroup none /dev/memcg memory
84
    # panic_on_oops=1 turns a kernel oops into a panic instead of letting the
    # kernel continue in a possibly corrupted state.
85    write /proc/sys/kernel/panic_on_oops 1
86    write /proc/sys/kernel/hung_task_timeout_secs 0
87    write /proc/cpu/alignment 4
88    write /proc/sys/kernel/sched_latency_ns 10000000
89    write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
90    write /proc/sys/kernel/sched_compat_yield 1
91    write /proc/sys/kernel/sched_child_runs_first 0
    # Exploit-mitigation sysctls:
    #   randomize_va_space=2  full ASLR (stack, mmap and brk/heap)
    #   kptr_restrict=2       kernel pointers printed via %pK are hidden from all users
    #   mmap_min_addr=32768   no userspace mappings in the lowest 32 KiB, which limits
    #                         exploitation of kernel NULL-pointer dereferences
92    write /proc/sys/kernel/randomize_va_space 2
93    write /proc/sys/kernel/kptr_restrict 2
94    write /proc/sys/vm/mmap_min_addr 32768
    # The range covers every gid, so any process may open an unprivileged ICMP
    # echo (ping) socket without needing raw-socket privileges.
95    write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
96    write /proc/sys/net/unix/max_dgram_qlen 300
97    write /proc/sys/kernel/sched_rt_runtime_us 950000
98    write /proc/sys/kernel/sched_rt_period_us 1000000
99
100    # reflect fwmark from incoming packets onto generated replies
101    write /proc/sys/net/ipv4/fwmark_reflect 1
102    write /proc/sys/net/ipv6/fwmark_reflect 1
103
104    # set fwmark on accepted sockets
105    write /proc/sys/net/ipv4/tcp_fwmark_accept 1
106
107    # Create cgroup mount points for process groups
108    mkdir /dev/cpuctl
109    mount cgroup none /dev/cpuctl cpu
110    chown system system /dev/cpuctl
111    chown system system /dev/cpuctl/tasks
    # NOTE(review): 0666 makes the tasks file world-writable, which is at odds
    # with the warning at the top of this file. Which tasks a writer may actually
    # move is then left to the kernel's cgroup attach checks; confirm the mode is
    # still required before copying this pattern.
112    chmod 0666 /dev/cpuctl/tasks
113    write /dev/cpuctl/cpu.shares 1024
114    write /dev/cpuctl/cpu.rt_runtime_us 800000
115    write /dev/cpuctl/cpu.rt_period_us 1000000
116
117    mkdir /dev/cpuctl/bg_non_interactive
118    chown system system /dev/cpuctl/bg_non_interactive/tasks
    # NOTE(review): same world-writable mode as /dev/cpuctl/tasks above.
119    chmod 0666 /dev/cpuctl/bg_non_interactive/tasks
120    # 5.0 %
121    write /dev/cpuctl/bg_non_interactive/cpu.shares 52
122    write /dev/cpuctl/bg_non_interactive/cpu.rt_runtime_us 700000
123    write /dev/cpuctl/bg_non_interactive/cpu.rt_period_us 1000000
124
125    # qtaguid will limit access to specific data based on group memberships.
126    #   net_bw_acct grants impersonation of socket owners.
127    #   net_bw_stats grants access to other apps' detailed tagged-socket stats.
128    chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
129    chown root net_bw_stats /proc/net/xt_qtaguid/stats
130
131    # Allow everybody to read the xt_qtaguid resource tracking misc dev.
132    # This is needed by any process that uses socket tagging.
133    chmod 0644 /dev/xt_qtaguid
134
135    # Create location for fs_mgr to store abbreviated output from filesystem
136    # checker programs.
137    mkdir /dev/fscklogs 0770 root system
138
139    # pstore/ramoops previous console log
    # 0440 system:log keeps the previous boot's console and pmsg logs readable
    # only by user system and group log.
140    mount pstore pstore /sys/fs/pstore
141    chown system log /sys/fs/pstore/console-ramoops
142    chmod 0440 /sys/fs/pstore/console-ramoops
143    chown system log /sys/fs/pstore/pmsg-ramoops-0
144    chmod 0440 /sys/fs/pstore/pmsg-ramoops-0
145
146    # enable armv8_deprecated instruction hooks
    # 1 selects software emulation of the deprecated SWP/SWPB instructions.
147    write /proc/sys/abi/swp 1
148
149# Healthd can trigger a full boot from charger mode by signaling this
150# property when the power button is held.
151on property:sys.boot_from_charger_mode=1
    # Stop the charger-class services first, then queue the normal late-init
    # boot sequence.
152    class_stop charger
153    trigger late-init
154
155# Load properties from /system/ + /factory after fs mount.
156on load_all_props_action
157    load_all_props
    # NOTE(review): logd-reinit is started right after the property load,
    # presumably so logd picks up the newly loaded properties; confirm in logd.
158    start logd-reinit
159
160# Indicate to fw loaders that the relevant mounts are up.
161on firmware_mounts_complete
    # Deleting /dev/.booting is the signal itself; this action does nothing else.
162    rm /dev/.booting
163
164# Mount filesystems and start core system services.
165on late-init
    # The triggers below are queued in file order: filesystem stages first, then
    # the property load, the firmware signal, and finally early-boot and boot.
166    trigger early-fs
167    trigger fs
168    trigger post-fs
169    trigger post-fs-data
170
171    # Load properties from /system/ + /factory after fs mount. Place
172    # this in another action so that the load will be scheduled after the prior
173    # issued fs triggers have completed.
174    trigger load_all_props_action
175
176    # Remove a file to wake up anything waiting for firmware.
177    trigger firmware_mounts_complete
178
179    trigger early-boot
180    trigger boot
181
182
# post-fs: starts logd, locks down the root filesystem, and resets ownership,
# modes and SELinux labels on /cache and selected /proc and /sys entries.
183on post-fs
184    start logd
185    # once everything is setup, no need to modify /
186    mount rootfs rootfs / ro remount
187    # mount shared so changes propagate into child namespaces
188    mount rootfs rootfs / shared rec
189
190    # We chown/chmod /cache again because mount is run as root + defaults
191    chown system cache /cache
192    chmod 0770 /cache
193    # We restorecon /cache in case the cache partition has been reset.
194    restorecon_recursive /cache
195
196    # This may have been created by the recovery system with odd permissions
197    chown system cache /cache/recovery
198    chmod 0770 /cache/recovery
199
200    #change permissions on vmallocinfo so we can grab it from bugreports
    # 0440 root:log: readable by root and group log only, never writable.
201    chown root log /proc/vmallocinfo
202    chmod 0440 /proc/vmallocinfo
203
204    chown root log /proc/slabinfo
205    chmod 0440 /proc/slabinfo
206
207    #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
    # kmsg is read-only (0440) and sysrq-trigger write-only (0220), both limited
    # to root and group system; neither grants anything to other users.
208    chown root system /proc/kmsg
209    chmod 0440 /proc/kmsg
210    chown root system /proc/sysrq-trigger
211    chmod 0220 /proc/sysrq-trigger
212    chown system log /proc/last_kmsg
213    chmod 0440 /proc/last_kmsg
214
215    # make the selinux kernel policy world-readable
    # 0444 grants read to everyone and write to no one.
216    chmod 0444 /sys/fs/selinux/policy
217
218    # create the lost+found directories, so as to enforce our permissions
219    mkdir /cache/lost+found 0770 root root
220
# post-fs-data: runs once /data is mounted. It resets the owner, mode and label
# of /data, creates the directory skeleton with explicit owners and modes, and
# relabels the tree.
221on post-fs-data
    # NOTE(review): installkey presumably installs the encryption key for /data
    # before the directories below are created; confirm in init's builtins.
222    installkey /data
223
224    # We chown/chmod /data again because mount is run as root + defaults
225    chown system system /data
226    chmod 0771 /data
227    # We restorecon /data in case the userdata partition has been reset.
228    restorecon /data
229
230    # Start bootcharting as soon as possible after the data partition is
231    # mounted to collect more data.
232    mkdir /data/bootchart 0755 shell shell
233    bootchart_init
234
235    # Avoid predictable entropy pool. Carry over entropy from previous boot.
    # Data written to /dev/urandom is mixed into the pool but is not credited
    # as entropy by the kernel.
236    copy /data/system/entropy.dat /dev/urandom
237
238    # create basic filesystem structure
    # The leading digit of the five-digit modes carries the special bits:
    # 01771 sets the sticky bit on /data/misc, 02750 sets setgid on /data/misc/adb.
239    mkdir /data/misc 01771 system misc
240    mkdir /data/misc/adb 02750 system shell
241    mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack
242    mkdir /data/misc/bluetooth 0770 system system
    # 0700 with a dedicated owner: only the keystore user can enter this directory.
243    mkdir /data/misc/keystore 0700 keystore keystore
244    mkdir /data/misc/gatekeeper 0700 system system
245    mkdir /data/misc/keychain 0771 system system
246    mkdir /data/misc/net 0750 root shell
247    mkdir /data/misc/radio 0770 system radio
248    mkdir /data/misc/sms 0770 system radio
249    mkdir /data/misc/zoneinfo 0775 system system
250    mkdir /data/misc/vpn 0770 system vpn
251    mkdir /data/misc/shared_relro 0771 shared_relro shared_relro
252    mkdir /data/misc/systemkeys 0700 system system
253    mkdir /data/misc/wifi 0770 wifi wifi
254    mkdir /data/misc/wifi/sockets 0770 wifi wifi
255    mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi
256    mkdir /data/misc/ethernet 0770 system system
257    mkdir /data/misc/dhcp 0770 dhcp dhcp
258    mkdir /data/misc/user 0771 root root
259    # give system access to wpa_supplicant.conf for backup and restore
    # 0660 adds group read/write and still gives other users no access.
260    chmod 0660 /data/misc/wifi/wpa_supplicant.conf
261    mkdir /data/local 0751 root root
262    mkdir /data/misc/media 0700 media media
263
264    # For security reasons, /data/local/tmp should always be empty.
265    # Do not place files or directories in /data/local/tmp
    # 0771 shell:shell: the shell user and group can write here; other users can
    # only traverse, not list.
266    mkdir /data/local/tmp 0771 shell shell
267    mkdir /data/data 0771 system system
268    mkdir /data/app-private 0771 system system
269    mkdir /data/app-asec 0700 root root
270    mkdir /data/app-lib 0771 system system
271    mkdir /data/app 0771 system system
272    mkdir /data/property 0700 root root
273    mkdir /data/tombstones 0771 system system
274
275    # create dalvik-cache, so as to enforce our permissions
276    mkdir /data/dalvik-cache 0771 root root
277    mkdir /data/dalvik-cache/profiles 0711 system system
278
279    # create resource-cache and double-check the perms
280    mkdir /data/resource-cache 0771 system system
281    chown system system /data/resource-cache
282    chmod 0771 /data/resource-cache
283
284    # create the lost+found directories, so as to enforce our permissions
285    mkdir /data/lost+found 0770 root root
286
287    # create directory for DRM plug-ins - give drm the read/write access to
288    # the following directory.
289    mkdir /data/drm 0770 drm drm
290
291    # create directory for MediaDrm plug-ins - give drm the read/write access to
292    # the following directory.
293    mkdir /data/mediadrm 0770 mediadrm mediadrm
294
295    mkdir /data/adb 0700 root root
296
297    # symlink to bugreport storage location
298    symlink /data/data/com.android.shell/files/bugreports /data/bugreports
299
300    # Separate location for storing security policy files on data
301    mkdir /data/security 0711 system system
302
303    # Create all remaining /data root dirs so that they are made through init
304    # and get proper encryption policy installed
305    mkdir /data/backup 0700 system system
306    mkdir /data/media 0770 media_rw media_rw
307    mkdir /data/ss 0700 system system
308    mkdir /data/system 0775 system system
309    mkdir /data/system/heapdump 0700 system system
310    mkdir /data/user 0711 system system
311
312    # Reload policy from /data/security if present.
313    setprop selinux.reload_policy 1
314
315    # Set SELinux security contexts on upgrade or policy update.
316    restorecon_recursive /data
317
318    # Check any timezone data in /data is newer than the copy in /system, delete if not.
    # The helper runs in its own SELinux domain (u:r:tzdatacheck:s0) as
    # system:system rather than with init's root identity.
319    exec u:r:tzdatacheck:s0 system system -- /system/bin/tzdatacheck /system/usr/share/zoneinfo /data/misc/zoneinfo
320
321    # If there is no post-fs-data action in the init.<device>.rc file, you
322    # must uncomment this line, otherwise encrypted filesystems
323    # won't work.
324    # Set indication (checked by vold) that we have finished this action
325    #setprop vold.post_fs_data_done 1
326
# boot: basic network setup, memory-management sysctls, hand-over of selected
# /sys and /proc nodes to the system and radio users, then start of class core.
327on boot
328    # basic network init
329    ifup lo
330    hostname localhost
331    domainname localdomain
332
333    # set RLIMIT_NICE to allow priorities from 19 to -20
334    setrlimit 13 40 40
335
336    # Memory management.  Basic kernel parameters, and allow the high
337    # level system server to be able to adjust the kernel OOM driver
338    # parameters to match how it is managing things.
339    write /proc/sys/vm/overcommit_memory 1
340    write /proc/sys/vm/min_free_order_shift 4
    # 0220 root:system makes the lowmemorykiller parameters write-only for root
    # and group system; no one gets read access through the mode bits.
341    chown root system /sys/module/lowmemorykiller/parameters/adj
342    chmod 0220 /sys/module/lowmemorykiller/parameters/adj
343    chown root system /sys/module/lowmemorykiller/parameters/minfree
344    chmod 0220 /sys/module/lowmemorykiller/parameters/minfree
345
346    # Tweak background writeout
347    write /proc/sys/vm/dirty_expire_centisecs 200
348    write /proc/sys/vm/dirty_background_ratio  5
349
350    # Permissions for System Server and daemons.
351    chown radio system /sys/android_power/state
352    chown radio system /sys/android_power/request_state
353    chown radio system /sys/android_power/acquire_full_wake_lock
354    chown radio system /sys/android_power/acquire_partial_wake_lock
355    chown radio system /sys/android_power/release_wake_lock
356    chown system system /sys/power/autosleep
357    chown system system /sys/power/state
358    chown system system /sys/power/wakeup_count
359    chown radio system /sys/power/wake_lock
360    chown radio system /sys/power/wake_unlock
361    chmod 0660 /sys/power/state
362    chmod 0660 /sys/power/wake_lock
363    chmod 0660 /sys/power/wake_unlock
364
    # Each cpufreq "interactive" governor tunable is handed to system:system and
    # set to 0660, so only user and group system can change it.
365    chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
366    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
367    chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack
368    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack
369    chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
370    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
371    chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
372    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
373    chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads
374    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads
375    chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
376    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
377    chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
378    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
379    chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
380    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
    # NOTE(review): boostpulse is the only tunable here with a chown but no
    # chmod, so its mode stays at whatever the kernel exposes; confirm intended.
381    chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
382    chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
383    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
384    chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
385    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration
386    chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
387    chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy
388
389    # Assume SMP uses shared cpufreq policy for all CPUs
390    chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
391    chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
392
393    chown system system /sys/class/timed_output/vibrator/enable
394    chown system system /sys/class/leds/keyboard-backlight/brightness
395    chown system system /sys/class/leds/lcd-backlight/brightness
396    chown system system /sys/class/leds/button-backlight/brightness
397    chown system system /sys/class/leds/jogball-backlight/brightness
398    chown system system /sys/class/leds/red/brightness
399    chown system system /sys/class/leds/green/brightness
400    chown system system /sys/class/leds/blue/brightness
401    chown system system /sys/class/leds/red/device/grpfreq
402    chown system system /sys/class/leds/red/device/grppwm
403    chown system system /sys/class/leds/red/device/blink
    # The next line repeats the vibrator chown issued at the start of this group.
404    chown system system /sys/class/timed_output/vibrator/enable
405    chown system system /sys/module/sco/parameters/disable_esco
406    chown system system /sys/kernel/ipv4/tcp_wmem_min
407    chown system system /sys/kernel/ipv4/tcp_wmem_def
408    chown system system /sys/kernel/ipv4/tcp_wmem_max
409    chown system system /sys/kernel/ipv4/tcp_rmem_min
410    chown system system /sys/kernel/ipv4/tcp_rmem_def
411    chown system system /sys/kernel/ipv4/tcp_rmem_max
    # Only the group changes here (to radio); no chmod follows, so the mode bits
    # of /proc/cmdline are left as the kernel sets them.
412    chown root radio /proc/cmdline
413
414    # Define default initial receive window size in segments.
415    setprop net.tcp.default_init_rwnd 60
416
    # Start every service declared with "class core".
417    class_start core
418
# NOTE(review): the nonencrypted trigger is fired from outside this file,
# presumably when /data needs no decryption; confirm in init/fs_mgr.
419on nonencrypted
420    class_start main
421    class_start late_start
422
423on property:vold.decrypt=trigger_default_encryption
    # defaultcrypto is a disabled oneshot service, so this explicit start is the
    # only way it runs.
424    start defaultcrypto
425
426on property:vold.decrypt=trigger_encryption
    # surfaceflinger is started before the encrypt service; encrypt is a
    # disabled oneshot that only runs when started here.
427    start surfaceflinger
428    start encrypt
429
430on property:sys.init_log_level=*
    # Fires on any value; the property value is passed to loglevel unchanged.
431    loglevel ${sys.init_log_level}
432
433on charger
    # Start every service declared with "class charger".
434    class_start charger
435
436on property:vold.decrypt=trigger_reset_main
    # class_reset stops the main-class services without disabling them, so a
    # later class_start can bring them back.
437    class_reset main
438
439on property:vold.decrypt=trigger_load_persist_props
    # Same pairing as load_all_props_action: load the properties, then start
    # logd-reinit.
440    load_persist_props
441    start logd-reinit
442
443on property:vold.decrypt=trigger_post_fs_data
    # Re-queues the post-fs-data action defined earlier in this file.
444    trigger post-fs-data
445
446on property:vold.decrypt=trigger_restart_min_framework
    # Only class main is started here; late_start is left for
    # trigger_restart_framework.
447    class_start main
448
449on property:vold.decrypt=trigger_restart_framework
    # installkey runs before any main or late_start service is started.
450    installkey /data
451    class_start main
452    class_start late_start
453
454on property:vold.decrypt=trigger_shutdown_framework
    # Classes are reset in the reverse of their start order: late_start, then main.
455    class_reset late_start
456    class_reset main
457
458on property:sys.powerctl=*
    # The property value is handed to powerctl unchanged. NOTE(review): who may
    # set sys.powerctl is decided by the property service and SELinux policy,
    # not by anything in this file.
459    powerctl ${sys.powerctl}
460
461# system server cannot write to /proc/sys files,
462# and chown/chmod does not work for /proc/sys/ entries.
463# So proxy writes through init.
464on property:sys.sysctl.extra_free_kbytes=*
    # init, running as root, writes the property value to the sysctl as-is; no
    # range check happens here, so access control on the sys.sysctl.* property
    # is the only gate.
465    write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes}
466
467# "tcp_default_init_rwnd" is too long for a property name, hence the shortened
# tcp_def_init_rwnd used below.
468on property:sys.sysctl.tcp_def_init_rwnd=*
    # As with extra_free_kbytes, the value is written by init without validation.
469    write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd}
470
471
472## Daemon processes to be run by init.
473##
# No user option, so init runs ueventd as root (init's default); seclabel places
# it in the u:r:ueventd:s0 SELinux domain.
474service ueventd /sbin/ueventd
475    class core
    # critical: if the service keeps exiting, init reboots the device into recovery.
476    critical
477    seclabel u:r:ueventd:s0
478
# logd has no user option and therefore starts as root.
479service logd /system/bin/logd
480    class core
    # Socket modes: logd and logdr are 0666 (any process may connect), logdw is
    # 0222 (any process may write, none may read).
    # NOTE(review): with world-accessible sockets, per-client access decisions
    # rest on logd's own checks and SELinux policy, not on file modes; confirm.
481    socket logd stream 0666 logd logd
482    socket logdr seqpacket 0666 logd logd
483    socket logdw dgram 0222 logd logd
484
# One-shot helper that runs "logd --reinit"; it has no class and is disabled, so
# it only runs when an action starts it by name.
485service logd-reinit /system/bin/logd --reinit
    # NOTE(review): "start" is an action command rather than a documented
    # service option; confirm init accepts it inside a service block.
486    start logd
487    oneshot
488    disabled
489
# No user option, so healthd runs as root, confined to the u:r:healthd:s0
# SELinux domain; critical, like ueventd.
490service healthd /sbin/healthd
491    class core
492    critical
493    seclabel u:r:healthd:s0
494
# Interactive shell on the console device. It is disabled, so it never starts
# with class core; the ro.debuggable=1 trigger in this file starts it.
495service console /system/bin/sh
496    class core
497    console
498    disabled
    # Runs as the unprivileged shell user in the u:r:shell:s0 domain, not as root.
499    user shell
500    group shell log
501    seclabel u:r:shell:s0
502
503on property:ro.debuggable=1
    # The console shell is only started on builds where ro.debuggable is 1.
504    start console
505
506# adbd is controlled via property triggers in init.<platform>.usb.rc
# adbd has no user option, so init launches it as root in the u:r:adbd:s0 domain.
# NOTE(review): --root_seclabel=u:r:su:s0 is just an argument passed to adbd;
# presumably it names the domain adbd switches to when it keeps root. Confirm
# in adbd which builds honour it.
507service adbd /sbin/adbd --root_seclabel=u:r:su:s0
508    class core
    # 660 system:system: only user and group system can connect.
    # NOTE(review): written without a leading 0, presumably still parsed as octal.
509    socket adbd stream 660 system system
510    disabled
511    seclabel u:r:adbd:s0
512
513# adbd on at boot in emulator
514on property:ro.kernel.qemu=1
    # adbd is a disabled service; this starts it unconditionally when
    # ro.kernel.qemu is 1.
515    start adbd
516
# No user option, so lmkd runs as root; critical, like ueventd and healthd.
517service lmkd /system/bin/lmkd
518    class core
519    critical
    # 0660 system:system: only user and group system can connect.
520    socket lmkd seqpacket 0660 system system
521
# Runs as system:system rather than root.
522service servicemanager /system/bin/servicemanager
523    class core
524    user system
525    group system
526    critical
    # When servicemanager restarts, init also restarts the services listed below.
527    onrestart restart healthd
528    onrestart restart zygote
529    onrestart restart media
530    onrestart restart surfaceflinger
531    onrestart restart drm
532
# No user option, so vold runs as root.
533service vold /system/bin/vold
534    class core
    # 0660 root:mount: only root and members of group mount can connect.
535    socket vold stream 0660 root mount
536    ioprio be 2
537
# No user option, so netd runs as root.
538service netd /system/bin/netd
539    class main
    # All four sockets are 0660 and owned by root. The group decides who else can
    # connect: system for netd and mdns, inet for dnsproxyd and fwmarkd.
540    socket netd stream 0660 root system
541    socket dnsproxyd stream 0660 root inet
542    socket mdns stream 0660 root system
543    socket fwmarkd stream 0660 root inet
544
# No user, group or seclabel option: debuggerd runs as root with init's defaults.
545service debuggerd /system/bin/debuggerd
546    class main
547
# Same configuration as debuggerd, for the debuggerd64 binary; also runs as root.
548service debuggerd64 /system/bin/debuggerd64
549    class main
550
551service ril-daemon /system/bin/rild
552    class main
    # 660 (no leading 0, presumably still octal): rild is reachable by root and
    # group radio, rild-debug by user radio and group system.
553    socket rild stream 660 root radio
554    socket rild-debug stream 660 radio system
    # Root is requested explicitly here, with six supplementary groups.
    # NOTE(review): whether rild lowers its privileges after start-up is not
    # visible in this file.
555    user root
556    group radio cache inet misc audio log
557
# Runs as user system with groups graphics and drmrpc.
558service surfaceflinger /system/bin/surfaceflinger
559    class core
560    user system
561    group graphics drmrpc
    # A surfaceflinger restart also restarts zygote.
562    onrestart restart zygote
562    onrestart restart zygote
563
# Runs as the dedicated drm user; the group line adds system, inet and drmrpc.
564service drm /system/bin/drmserver
565    class main
566    user drm
567    group drm system inet drmrpc
568
# Runs as the dedicated media user.
569service media /system/bin/mediaserver
570    class main
571    user media
    # NOTE(review): a broad set of supplementary groups (audio, camera, network,
    # Bluetooth, bandwidth accounting, DRM). Each one widens what this process
    # can reach, so it is worth confirming all are still needed.
572    group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc mediadrm
573    ioprio rt 4
574
575# One shot invocation to deal with encrypted volume.
# No class and disabled: runs only when the
# vold.decrypt=trigger_default_encryption action starts it. No user option, so
# vdc runs as root.
576service defaultcrypto /system/bin/vdc --wait cryptfs mountdefaultencrypted
577    disabled
578    oneshot
579    # vold will set vold.decrypt to trigger_restart_framework (default
580    # encryption) or trigger_restart_min_framework (other encryption)
581
582# One shot invocation to encrypt unencrypted volumes
# No class and disabled: runs only when the vold.decrypt=trigger_encryption
# action starts it. No user option, so vdc runs as root.
583service encrypt /system/bin/vdc --wait cryptfs enablecrypto inplace default
584    disabled
585    oneshot
586    # vold will set vold.decrypt to trigger_restart_framework (default
587    # encryption)
588
# Runs as the unprivileged graphics user. It is disabled, so class_start core
# does not launch it; something must start it by name.
589service bootanim /system/bin/bootanimation
590    class core
591    user graphics
592    group graphics audio
593    disabled
594    oneshot
595
# No user option, so installd runs as root.
596service installd /system/bin/installd
597    class main
    # 600 system:system: only the system user can connect to this root daemon.
598    socket installd stream 600 system system
599
# No user option and not disabled: the script runs as root once each time class
# main is started.
# NOTE(review): the integrity of this root-run script depends on how /system is
# protected, which is not visible in this file.
600service flash_recovery /system/bin/install-recovery.sh
601    class main
602    oneshot
603
# There is no user option, so racoon starts as root; per the comment below it
# drops to the vpn user itself after binding its port.
604service racoon /system/bin/racoon
605    class main
    # 600 system:system: only the system user can connect.
606    socket racoon stream 600 system system
607    # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
608    group vpn net_admin inet
609    disabled
610    oneshot
611
# Unlike racoon, mtpd is started directly as the vpn user.
612service mtpd /system/bin/mtpd
613    class main
614    socket mtpd stream 600 system system
615    user vpn
    # net_admin and net_raw are network-privileged groups; the rest of the
    # identity is the unprivileged vpn user.
616    group vpn net_admin inet net_raw
617    disabled
618    oneshot
619
# Runs as the dedicated keystore user. Its argument, /data/misc/keystore, is
# created 0700 keystore:keystore in post-fs-data, so only this user can enter it.
620service keystore /system/bin/keystore /data/misc/keystore
621    class main
622    user keystore
623    group keystore drmrpc
624
# No user option, so dumpstate starts as root; it is disabled and oneshot, so it
# only runs when started by name.
625service dumpstate /system/bin/dumpstate -s
626    class main
    # 0660 shell:log: user shell and group log can connect.
627    socket dumpstate stream 0660 shell log
628    disabled
629    oneshot
630
# Runs as the dedicated mdnsr user with groups inet and net_raw.
631service mdnsd /system/bin/mdnsd
632    class main
633    user mdnsr
634    group inet net_raw
    # 0660 mdnsr:inet: reachable by user mdnsr and members of group inet.
635    socket mdnsd stream 0660 mdnsr inet
636    disabled
637    oneshot
637    oneshot
638
# No user option, so uncrypt runs as root; disabled and oneshot, so it runs only
# when started by name.
639service pre-recovery /system/bin/uncrypt
640    class main
641    disabled
642    oneshot
643